Blog

PyPortal App Launcher

Introduction

PyPortal is a microcontroller that can be programmed using CircuitPython. It has a touchscreen and can be used as a emulate a keyboard and mouse. For this project, we will create a touchscreen with icons that will allow us to launch applications when pressed.

  1. Design: discussions how the touchscreen image and layout are created.
  2. Shortcuts: Create Keyboard Shortcuts to Launch Applications in macOS ( Windows)
  3. Code: CircuitPython code to be added to you PyPortal

The code and design files can be found on Github.

Design

The PyPortal initializes rendering a background image that is .BMP (bitmap image). So I created a template background image that I could insert icons into using Adobe Illustrator. Using this file, I copied and pasted my icons on to the location I wanted and then deleted the while squares underneath.

Icon template file. 3 rows of 4 icons 50×50 pixels. – button-template-12.ai

In order to detect button presses we need to know the boundaries for each icon. The image below shows the pixel length to each border.

Annotated background icon image.

Columns are organized from left to right, from A to D. Rows are organized from top to bottom, from 1 to 3. Please see the below table.

ABCD
1A1B1C1D1
2A2B2C2D2
3A3B3C3D3

We need to know this information in order to determine if an icon is pressed. A touch event returns an (x,y) point with (0,0) being the top left corner. All icons in column B can only be pressed if the x of the touch event is between 97.5 and 147.5. Likewise, all icons in row 1 can only be pressed if the y of the touch event is between 100 and 150. Therefore, if the touch event returns (100,130), then the icon located at B2 has been pressed.

Shortcuts

The easiest way to launch applications using CircuitPython is by sending keyboard commands to your computer. In order to accomplish this on a macOS we need to create these keyboard shortcuts. This is fairly trivial on windows.

  1. Launch Automator on your mac
  2. Create a new “Quick Action”
    1. File -> New -> “Quick Action” -> Choose
  3. Under actions search for “Launch Application”
  4. Drag “Launch Application” into the window
  5. From the drop down list select the application that you want to open
  6. Switch the “Workflow Receives” drop down to “no input”
  7. Save your quick action
    1. Either CONTROL+S or File -> Save
  8. Close Automator
  9. Create the keyboard shortcut to activate the “Quick Action” you created
    1. Go to Settings -> Keyboard
    2. Click on the Shortcuts tab
    3. Select Services
    4. Scroll to the General section near the bottom.
    5. Highlight the “Quick Action” you created and click the Add Shortcut button.
    6. Press the keyboard keys that you want to set the shortcut to.
    7. I used “ALT+CONTROL+SHIFT+COMMAND+[FIRST LETTER OF APP]” for each of my shortcuts. I did this because I knew there would be no other shortcuts using this combination.

Code

The code has comments throughout and they should explain everything. If you have questions please feel free to email me or DM me on twitter. You will need to copy the below code as code.py in the root of your PyPortal as well as you BMP icon file. Please update the below code with your keyboard shortcuts and the name of your BMP icon file.

https://gist.github.com/jfurcean/b2e4d85142a1e519b234564199ad25fb

Cloudflare DNS Propagation Issues

Background

I have been doing website migrations and have been updating the DNS entries of these websites to point at the new server’s IP addresses. I have been getting major propagation delays on my personal devices when checking the sites I have migrated. It took me a little while to realize that this was most likely a Cloudflare DNS issue. When I switched my personal devices DNS servers to Google’s (8.8.8.8) and they worked.

Google DNS was used to circumvent Turkey blocking Twitter, ultimately leading Turkey to block Google DNS in 2014.

I use Cloudflare DNS on all of my personal devices. I mainly do this for privacy and security reasons. They also have simple instructions to set it up on numerous devices.

  • iPhone
  • Android
  • MacOS
  • Windows
  • Linux
  • Router

Solution

After doing some googling, I stumbled across 1.1.1.1 Purge Cache. Everything worked as soon as I used this tool. It took me a while to find this tool as most of the results relate to propagation delays related to using CDN tool that Cloudflare provides.

Humble Book Bundle: Hacking for the Holidays by No Starch Press

No Starch Press is here with a bundle of books flung over their back, Santa-style. Get Serious Cryptography: A Practical Introduction to Modern Encryption, Black Hat Python, Android Security Internals, and more. Happy hacking holidays to you!

  • $571 worth of digital books
  • Pay what you want
  • DRM-free
  • Multi-format

https://www.humblebundle.com/books/hacking-for-the-holidays-books

Pay $1 or more

  • The Tangled Web: A Guide to Securing Modern Web ApplicationsMichal Zalewski
  • Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect AttacksMichal Zalewski
  • Metasploit: A Penetration Tester’s GuideDavid Kennedy, Jim O’Gorman, Devon Kearns, and Mati Aharoni
  • The Car Hacker’s Handbook: A Guide for the Penetration Tester – Craig Smith
  • Practical Forensic Imaging: Securing Digital Evidence with Linux Tools – Bruce Nikkel

Pay $8 or more to also unlock

  • Android Security Internals: An In-Depth Guide to Android’s Security Architecture – Nikolay Elenkov
  • Gray Hat C#: A Hacker’s Guide to Creating and Automating Security Tools – Brandon Perry
  • Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software – Michael Sikorski and Andrew Honig
  • iOS Application Security: The Definitive Guide for Hackers and Developers – David Thiel
  • Black Hat Python: Python Programming for Hackers and Pentesters – Justin Seitz

 Pay $15 or more to also unlock

  • Pentesting Azure Applications: The Definitive Guide to Testing and Securing DeploymentsMatt Burrough
  • Hacking: The Art of Exploitation, 2nd Edition – Jon Erickson
  • Serious Cryptography: A Practical Introduction to Modern Encryption – Jean-Philippe Aumasson
  • Penetration Testing: A Hands-On Introduction to Hacking – Georgia Weidman
  • Attacking Network Protocols: A Hacker’s Guide to Capture, Analysis, and Exploitation – James Forshaw
  • 35% Off Select Print Editions at No Starch Press

Mount SFTP over SOCKS Proxy in OSX with Cyberduck

I can only access certain servers at work over SSH if I am using a machine with a certain static IP address. I wanted to be able to mount the servers file space using SFTP on a Macbook Air when I am either at home or at  a remote location. I investigated a lot of different ways to accomplish this with little success. After a lot of trial and error I was able to create a Socks proxy to my work machine using ssh and then mount the server file systems by using Cyberduck and enabling the use of the socks proxy.

Network Diagram
Network Diagram

First, I needed to create the socks proxy. In order to do this I had to SSH into my work machine and dynamical forward a port 8080. You may forward any port that is not being used greater than 1024. This will send any traffic on that port through the tunnel and out of the machine that you are connected to.

ssh [email protected] -D8080

After I have created the SSH connection with the dynamic port forwarding, I enabled the socks proxy in OSX Network Preferences -> Advanced -> Proxies. Check the “SOCKS Proxy” box. Then, set the “SOCKS Proxy Server” to 127.0.0.1:8080. Finally, add the IP or Domain of the machine that has the SSH connection to the “Bypass proxy settings for these Hosts & Domains” box.

OSX Socks proxy settings
OSX SOCKS Proxy Settings

Now enable the proxy in Cyberduck. Go to “Cyberduck” -> “System Preferences” -> “Connection” and check the box that says “Use system proxy settings”.

Cyberduck system preferences for proxies
Cyberduck system preferences for proxies

Now every connection in Cyberduck will flow through your SOCKS proxy that you set up so you can mount the remote server file system over SFTP.

Using Twitter API with a Proxy in WordPress

1280px-Reverse_proxy_h2g2bob.svg

I was launching a new WordPress website at work that was developed by an outside agency. This site was using twitteroauth built into the theme to access the twitter API. Where I work all the web servers are behind a firewall with a strict whitelist for all incoming and outgoing connections besides the incoming HTTP and HTTPS requests. This makes it difficult to access the twitter API because it could be a different IP address every time. To solve this issues my work provides a proxy server to make requests out to. So my research began.

WordPress began to provide configuration settings in the wp-config.php file for them (http://wpengineer.com/1227/wordpress-proxysupport/):

define('WP_PROXY_HOST', '192.168.84.101');
define('WP_PROXY_PORT', '8080');
define('WP_PROXY_USERNAME', 'my_user_name');
define('WP_PROXY_PASSWORD', 'my_password');
define('WP_PROXY_BYPASS_HOSTS', 'localhost, www.example.com');

Unfortunately, the developers built the twitter api into their theme so I had to manually track down the API calls to modify them to use the WordPress configuration settings. In the twitteroauth.php file in the themes folder I was able to add three lines to the
curl_setopt parameters to function http (http://php.net/manual/en/function.curl-setopt.php):

curl_setopt($ci, CURLOPT_PROXY, '192.168.84.101');
curl_setopt($ci, CURLOPT_PROXYPORT, 8080);
curl_setopt($ci, CURLOPT_HTTPPROXYTUNNEL, 1);

Everything worked once I added those three lines.

MAME Bar Top Aracade Cabinet

Introduction

Update: Check out this Instructable –Legend of Zelda Bartop Arcade Cabinet

In an old episode on Hak5, Wess Tobler (@Dankiswess) did segment on making a MAME bar top arcade cabinet. This segment inspired me to make my own MAME (Multiple Arcade Machine Emulator) arcade cabinet, so I began doing research on different MAME cabinet designs. Bartop Arcade had many different designs and templates for bar top arcades. Below is the design and template that I based my MAME cabinet off of.

Build Phase

Items need for the build phase:

For the build phase I used the template that I found from Bartop Arcade and cut out each piece. I decided against having a slide out drawer, so I had to make some slight modifications. Below is a picture of the cabinet about 90% into the build phase.

After cutting and assembling the exterior of the cabinet, I had to wire all the buttons. Once that was done it was onto the software configuration.

Software Configuration

A lot of research went into deciding exactly how the software side of this project would be configured. I was initially set on using MALA as my front-end, but then I found Hyperspin.

Not only was Hyperspin a superior looking front-end, it would allow me to run many different emulators including a NES and SNES emulator. Hyperspin does most of its configuration through GUIs and XML files. Below is a image of the cabinet 90% complete running PAC-MAN.

Hyperspin also allowed for configuring other applications to open from within it. I configured it to run Aussie Juke as one of the emulators. Also, after reading a comment by Moonlit on episode five of TheNewTech.tv, I decided to modify the registry entry for explorer.exe to boot to Hyperspin.
HKEY_Current_User\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell

Final Thoughts

There are several things I have to do to complete this project. First, I need to finish the marquee. The marquee will end up being a Cylon eye covered by a tinted plexiglass. Second, I need to mount the PC hardware inside the cabinet.

Home Automation Over Wi-Fi

Introduction

On an episode of Hak5 they discussed setting up a garage door to be opened with a mobile device. Unfortunately, the audio was missing on the section where they discussed building/configuring the actual hardware to operate the garage door. This episode inspired me to start working on some home automation that could be accessed with any internet capable device without the need to install any software on the device. I wanted to be able to control several lights throughout my house and my garage.

I decided to use x10 to give me a starting point.

X10 is an international and open industry standard for communication among electronic devices used for home automation, also known as domotics. It primarily uses power line wiring for signaling and control, where the signals involve brief radio frequency bursts representing digital information. A wireless radio based protocol transport is also defined – wikipedia

Hardware

  1. Arduino
  2. 10KΩ Resistor
  3. x10 PSC04
  4. x10 Lamp Module
  5. x10 Universal Relay Module
  6. RJ11 Cable
  7. RJ11 Jack
  8. LAMP server with an open USB port

Step 1: Building and Configuring the Arduino

Follow the wiring schematics below for wiring your Arduino to an RJ11 Jack.

Data Pin = Pin 8

Zero Crossing Pin = Pin 9

X10 - arduino wiring schematic

First, wire the 5v connection on the Arduino to the 10KΩ resistor. This will be wired to the data pin 8. Second wire data pin 8 to the black wire on the RJ 11 surface jack. Wire the green and red wires on the RJ11 surface jack together and wire them to the ground pin on the Arduino. Finally wire the data pin 9 to the yellow wire on the surface jack (sometimes you may have to swap the data pin and the zero crossing pin depending on if the RJ11 cord is a cross over or not)

RJ 11 Jack Wiring
Arduino and RJ11 Jack

Grab the x10 Library from arduino.

Clone my github repository https://github.com/jfurcean/House-Control.git.

Push the arduino/x10House.pde to the arduino. This code reads data in the form of ascii characters over the USB. It converts the characters into x10 byte codes that are used with the x10 Library. It then uses the x10 Library to push x10 commands out to the PSC04 moudle over RJ11.

Step 2: Configuring the Webserver

A webserver running PHP with an open USB port is required. I used a LAMP server running Ubuntu 11.04. Drop the contents of www from my github repository into your active web directory. Inside index.php you must set $serialPath to the path that your arduino is connected to. For example

$serialPath = “/dev/ttyUSB0″;

If your using Apache as your webserver you must allow Apache to write to that path name.

sudo chgrp www-data /dev/ttyUSB0

sudo chmod 775 /dev/ttyUSB0

The web application reads config files to display certain x10 actions. When viewing the web application you need to make sure  userName set. For example:

http://192.168.1.101?userName=john.

This will then use john.xml as the config file. The config file determines what stuff you can control.

<modules>
<module name=’Living Room’ house=’a’ unit=’1′ type=’light’/>
<module name=’Bed Room’ house=’a’ unit=’3′ type=’light’/>
<module name=’Garage’ house=’a’ unit=’2′ type=’button’/>
</modules>

Web Interface

Web Interface - x10 Modules Listing
Web Interface - Light x10 Module Control
Web Interface - x10 Button Module Control

 Step 3: Add/Wire x10 Modules

All that is left is to plug any lamp into a lamp module, an appliance into an appliance module or wire a garage door, sprinkler, etc to the universal relay module.

x10 Lamp Module
x10 Universal Relay Module

Step 4: Enjoy

Enjoy being able to control your house from any internet capable device connected to your network

Light Control via iPod Touch

Garage Door Control via iPod Touch

Questions? Comments? Suggestions?

Please feel free to contact me